DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

TLS: Assume explicit IV for TLS v1.1 and newer

Browse source 
This is needed to allow TLS v1.2 to be supported.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2011-11-27 21:38:25 +02:00
parent 6c67d77fef
commit bcf03f5209
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/tls/tlsv1_record.c
View file

@ -175,7 +175,7 @@ int tlsv1_record_send(struct tlsv1_record_layer *rl, u8 content_type, u8 *buf,
cpayload = pos; cpayload = pos;
explicit_iv = rl->write_cipher_suite != TLS_NULL_WITH_NULL_NULL && explicit_iv = rl->write_cipher_suite != TLS_NULL_WITH_NULL_NULL &&
rl->iv_size && rl->tls_version == TLS_VERSION_1_1; rl->iv_size && rl->tls_version >= TLS_VERSION_1_1;
if (explicit_iv) { if (explicit_iv) {
/* opaque IV[Cipherspec.block_length] */ /* opaque IV[Cipherspec.block_length] */
if (pos + rl->iv_size > buf + buf_size) if (pos + rl->iv_size > buf + buf_size)
@ -377,7 +377,7 @@ int tlsv1_record_receive(struct tlsv1_record_layer *rl,
* attacks more difficult. * attacks more difficult.
*/ */
if (rl->tls_version == TLS_VERSION_1_1) { if (rl->tls_version >= TLS_VERSION_1_1) {
/* Remove opaque IV[Cipherspec.block_length] */ /* Remove opaque IV[Cipherspec.block_length] */
if (plen < rl->iv_size) { if (plen < rl->iv_size) {
wpa_printf(MSG_DEBUG, "TLSv1.1: Not " wpa_printf(MSG_DEBUG, "TLSv1.1: Not "